1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.model.User;
28 import com.liferay.portal.security.auth.PrincipalException;
29 import com.liferay.portal.security.permission.ActionKeys;
30 import com.liferay.portal.security.permission.PermissionChecker;
31 import com.liferay.portal.service.UserLocalServiceUtil;
32 import com.liferay.portal.util.PropsValues;
33
34
40 public class UserPermissionImpl implements UserPermission {
41
42 public void check(
43 PermissionChecker permissionChecker, long userId, String actionId)
44 throws PrincipalException {
45
46 if (!contains(permissionChecker, userId, actionId)) {
47 throw new PrincipalException();
48 }
49 }
50
51
54 public void check(
55 PermissionChecker permissionChecker, long userId,
56 long organizationId, long locationId, String actionId)
57 throws PrincipalException {
58
59 check(
60 permissionChecker, userId, new long[] {organizationId, locationId},
61 actionId);
62 }
63
64 public void check(
65 PermissionChecker permissionChecker, long userId,
66 long[] organizationIds, String actionId)
67 throws PrincipalException {
68
69 if (!contains(
70 permissionChecker, userId, organizationIds, actionId)) {
71
72 throw new PrincipalException();
73 }
74 }
75
76 public boolean contains(
77 PermissionChecker permissionChecker, long userId, String actionId) {
78
79 return contains(permissionChecker, userId, null, actionId);
80 }
81
82
85 public boolean contains(
86 PermissionChecker permissionChecker, long userId, long organizationId,
87 long locationId, String actionId) {
88
89 return contains(
90 permissionChecker, userId, new long[] {organizationId, locationId},
91 actionId);
92 }
93
94 public boolean contains(
95 PermissionChecker permissionChecker, long userId,
96 long[] organizationIds, String actionId) {
97
98 if (((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5 ||
99 PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) &&
100 (permissionChecker.hasOwnerPermission(
101 permissionChecker.getCompanyId(), User.class.getName(), userId,
102 userId, actionId))) ||
103 (permissionChecker.getUserId() == userId)) {
104
105 return true;
106 }
107 else if (permissionChecker.hasPermission(
108 0, User.class.getName(), userId, actionId)) {
109
110 return true;
111 }
112 else {
113 try {
114 if (organizationIds == null) {
115 User user = UserLocalServiceUtil.getUserById(userId);
116
117 organizationIds = user.getOrganizationIds();
118 }
119
120 for (int i = 0; i < organizationIds.length; i++) {
121 long organizationId = organizationIds[i];
122
123 if (OrganizationPermissionUtil.contains(
124 permissionChecker, organizationId,
125 ActionKeys.MANAGE_USERS)) {
126
127 return true;
128 }
129 }
130 }
131 catch (Exception e) {
132 _log.error(e, e);
133 }
134 }
135
136 return false;
137 }
138
139 private static Log _log = LogFactoryUtil.getLog(UserPermissionImpl.class);
140
141 }